Centre for Internet & Society

Rules issued by a control-obsessed government have armed officials with widespread powers to pry into your private life. This article was published in Mail Today on Sunday, May 15, 2011.

The government has gifted itself the power to pry into your electronic personal details without a search warrant. With new IT Rules, it can lay claim to an array of your most sensitive and zealously guarded personal details — ranging from your ATM pin, your net banking password, your credit card details, to the status of your mental health, your DNA profile, and even your sexual orientation. “These rules are a complete invasion of privacy
with immense potentiality of misuse,” says Supreme Court advocate and cyber law expert Pawan Duggal. Drawing attention to the fact that such executive orders are often drafted by government officials who aren’t legally qualified, Duggal asks: "Our medical records and sexual orientation have no bearing on the verification of our identity or our cyber crime record. So why should the state want access to this data?" That is not all. Every key stroke you make at a cyber cafe will now be under the scanner — with cafe owners being asked to maintain logs of your online activities for a minimum of one year. The rules have also turned the heat on internet service providers and social-networking sites to remove objectionable content posted on them, leading to strong objections from Google.

Under provisions of the Indian Post Office Act, 1898, The Indian Telegraph Act, 1885, and the Information Technology Act, 2000, the state already has the power to snoop through the letters you post, the emails you send and the calls you make. But while such surveillance came with several checks and balances, cyber law experts and internet activists say that the government can now access private data with far more ease.

"Whenever any government agency needs to access information on individuals, detailed processes need to be followed so that the rights of the citizen are protected. You need a magistrate — who is not part of the government — to sign a search warrant. A home secretary with the centre or state has to sanction a phone tapping request," points out M.R. Madhavan, head of research, PRS Legislative Research.

These safeguards have not been included for access to electronic databases. "An investigating officer simply needs to give a request in writing, in contravention of all other norms," says Madhavan.

Your privacy is being violated at several levels with the new rules, says Sunil Abraham, executive director of Bangalore’s Centre for Internet and Society. "Cyber cafe owners across the country can now take photos of women coming to their cafes. They also have to show their identity proof. Many women fear they can be harassed on the basis of this information." Cyber cafe owners also have to maintain records on who you are mailing, the subject, how often you access a web page, the packets of data sent and received, etc. Be prepared for rampant leakage of personal information with this provision, warns Abraham.

"A boy who fancies you could easily bribe the cafe owner to get the list of websites you access. The owner will have all the information on you stored for a minimum of one year. No process of destroying the logs has been specified by the IT rules and regulations," says Abraham.

The trouble, says Venkatesh Nayak, the Programme Coordinator for Access to Information, Commonwealth Human Rights Initiative, is that everyone is suspect in the eyes of the government because of the perception that terrorists don’t function like organised crime syndicates.

Privacy concerns are taken far more seriously in the West. "In countries which have a data protection law, there are data protection tribunals and data protection commissioners. It is not that easy for governments to collect sensitive information on individuals and keep it away from them," says Nayak.

The government, meanwhile, denies any invasion of privacy with the rules. "The intent of the rules is to protect sensitive personal information. The rules do not give any undue powers to government agencies for free access of sensitive personal information," the department of Information Technology has said in a statement.

Cyber experts aren’t convinced, and believe that the days of greater surveillance lie ahead. "After 9/11, the US Homeland Security had started accessing databases of public libraries to find out what people were reading. The day may not be far for us," is Nayak’s dark projection.

Read the original published by Mail Today here